
Tuesday, January 22, 2019

Public Key Cryptography

Abstract - Public-key cryptography is a key technology for e-commerce, intranets, extranets and other web-enabled applications. However, to garner the benefits of public-key cryptography, a supporting infrastructure is needed. The Microsoft Windows 2000 operating system includes a native public-key infrastructure (PKI) that is designed from the ground up to take full advantage of the Windows 2000 security architecture. This paper describes the fundamentals of public-key security systems, including what benefits they offer and what components are required to implement them. It also describes how the Windows 2000 PKI components deliver the needed services while providing interoperability, security, flexibility, and ease of use.

I. Overview

Public-key cryptography offers significant security benefits when it's properly implemented. Like other enabling technologies, public-key cryptography requires an infrastructure to deliver its benefits. However, the public-key infrastructure, or PKI, isn't a physical object or software process; instead, it's a set of useful services provided by a collection of interconnected components. These components work together to provide public-key-based security services to applications and users.

This white paper has two goals: to explain public-key technology and its uses, and to describe the features and benefits provided by the native PKI in the Microsoft Windows 2000 operating system. Understanding both of these topics will help you to decide where you can use PKI technology to improve your business processes and increase your ability to securely handle transactions with others. In this paper, you'll learn what a public key infrastructure is, what desirable benefits it can offer your operations, and how the Windows 2000 PKI delivers interoperability, security, flexibility, and ease of use.

II. History

During the early history of cryptography, two parties would agree upon a key using a secure, but non-cryptographic, method; for example, a face-to-face meeting or an exchange via a trusted courier. This key, which both parties kept absolutely secret, could then be used to exchange encrypted messages. A number of significant practical difficulties arise in this approach to distributing keys. Public-key cryptography addresses these drawbacks so that users can communicate securely over a public channel without having to agree upon a shared key beforehand.

In 1874, a book by William Stanley Jevons [1] described the relationship of one-way functions to cryptography and went on to discuss specifically the factorization problem used to create the trapdoor function in the RSA system. Since the 1970s, a large number and variety of encryption, digital signature, key agreement, and other techniques have been developed in the field of public-key cryptography. The ElGamal cryptosystem (invented by Taher ElGamal) relies on the (similar, and related) difficulty of the discrete logarithm problem, as does the closely related DSA developed at the US National Security Agency (NSA) and published by NIST as a proposed standard. The introduction of elliptic curve cryptography by Neal Koblitz and Victor Miller independently and simultaneously in the mid-1980s has yielded new public-key algorithms based on the discrete logarithm problem. Although mathematically more complex, elliptic curves provide smaller key sizes and faster operations for equivalent estimated security.

III. What is public key cryptography?

When most people hear the words encrypt or cryptography, they immediately think of secret-key cryptography, wherein two parties share a single secret key that's used both to encrypt and decrypt data. Loss or compromise of the secret key makes the data it encrypts vulnerable.
By contrast, public-key systems use two keys: a public key, designed to be shared, and a private key, which must be closely held. These keys are complementary: if you encrypt something with the public key, it can only be decrypted with the corresponding private key, and vice versa. Public-key systems depend on the mathematical relationship between the public and private keys. It's not feasible to derive one from the other.

There are two fundamental operations associated with public key cryptography: encryption and signing. The goal of encryption is to obscure data in such a way that it can only be read by the intended party. In public-key cryptography, if Bob wants to send Alice some private data, he uses her public key to encrypt it, then sends it to her. Upon receiving the encrypted data, Alice uses her private key to decrypt it. The important concept here is that Alice can freely distribute her public key in order to allow anyone in the world to encrypt data that only she can decrypt. If Bob and Chuck both have copies of her public key, and Chuck intercepts an encrypted message from Bob to Alice, he will not be able to decrypt it; only Alice's private key can do that, and she is the only person who holds it.

These two operations can be used to provide three capabilities.

A. Privacy

Privacy is a necessity for businesses of all kinds, but it's of vital importance for ones that use the Internet. The Internet allows anyone in the world to communicate with anyone else, but it doesn't provide security. Even within your company's internal network, if someone can gain physical access to your network media, they can eavesdrop on any data that traverses it.
Public-key cryptography provides privacy via data encryption, whether the data is in the form of e-mail messages, credit card numbers sent over the Internet, or network traffic. Because public keys can be posted freely, complete strangers can establish private communications merely by retrieving each other's public keys and encrypting the data.

B. Authentication

Any transaction involves two parties, whether they're a client and a server or a customer and a vendor. For many transactions, it's desirable for one or both sides to be able to authenticate, or verify the identity of, the other. For instance, before a customer provides their credit card number to an e-commerce web site, they will want to know that they are not talking to an imposter. One way that a customer can do this is by making the web site prove that it holds the proper private key. For example, a web browser might encrypt a piece of information using the site's public key and ask the web server to decrypt it, thereby demonstrating that the server has the right private key, and proving its identity.

Authentication can also take the form of assuring your customers that you produced a particular piece of data and that it has not been tampered with. Public-key cryptography enables you to do this by means of a digital signature, a concept which is an extension of the public-key signing operation discussed above. If Bob wants to digitally sign his company's annual report, he first generates a unique fingerprint of the report using an algorithm called a hash algorithm. Hash algorithms are specially designed to guarantee that even a single changed byte in the document will generate a completely different hash. Next, he encrypts the report and the hash using his private key.
Alice (or anyone else) can verify the origin and authenticity of the signed report by first decrypting it using Bob's public key, then calculating her own version of the fingerprint and comparing it to the fingerprint she received. If the two match, it proves two things: that the report has not been tampered with, and that it came from Bob.

C. Non-repudiation

Businesses require the ability to enter into binding agreements, whether in the physical world or on the Internet. Suppliers and buyers need the assurance that if they enter into an agreement, the other party will not be able to repudiate the agreement at some later point. Digital signatures on electronic purchase orders, contracts, and other agreements are legally binding in several countries and in many U.S. states, and legal acceptance is rapidly growing.

D. Infrastructure

Manage keys: a PKI makes it easy to introduce new keys, review or revoke existing keys, and manage the trust level attached to keys from different issuers.

Publish keys: a PKI offers a well-defined way for clients to locate and retrieve public keys and information about whether a specific key is valid or not. Without the ability to retrieve keys and know that they are valid, your users can't make use of public key services.

Use keys: a PKI provides an easy-to-use way for users to use keys, not just by moving keys around where they're needed, but also by providing easy-to-use applications that perform public-key cryptographic operations, making it possible to provide security for e-mail, e-commerce, and networks.

E. A capability, not a thing

A common misperception is that a PKI is a thing. In fact, it's a capability: the capability to easily publish, manage, and use public keys. Think of a PKI like a municipal water system. A water system is made up of purification plants, storage towers, pumps, water mains, and so on, as well as the pipes and faucets in your house. All of the different service-providing objects work together to provide a capability for users to obtain water on demand. In a similar way, a PKI consists of a set of discrete components that work together to allow you to use public keys, and public-key cryptography, seamlessly and transparently.

The best place to implement a PKI is in the operating system. Operating systems already provide a number of other infrastructures, like the printing infrastructure that moves documents to printers and the file service infrastructure that retrieves files from shared storage. In both cases, the operating system provides a capability to transparently and easily use a network service, just as a PKI does.

F. Digital certificates: packaging for public keys

So far, this paper has mentioned public keys when talking about the objects that a PKI uses. While public keys are required for PKI-based security, they're usually packaged as digital certificates. (It's important to stress that only public keys are packaged into certificates. The private key is never shared, so it doesn't require packaging; it's simply stored securely.) The certificate contains the public key and a set of attributes, like the key holder's name. These attributes may be related to the holder's identity, what they're allowed to do, or under what conditions the certificate is valid. The binding between attributes and the public key is present because the certificate is digitally signed by the entity that issued it; the issuer's signature on the certificate vouches for its authenticity and correctness.

For a real-world analogy, look in your wallet. If you have a driver's license, you have the equivalent of a digital certificate.
Your license contains a unique key (your license number) and some attributes (an expiration date, your name, address, hair color, and so on). It's issued by a trusted agency and laminated to prevent it from being tampered with. Anyone who trusts the agency that issued your license and verifies that the lamination is intact can rely on its authenticity. At that point, though, the analogy breaks down: in the real world, only the government can issue a driver's license, so everyone knows that a license issued by Joe's Really Good DMV isn't valid. How do you make the same determination with a digital certificate?

The answer lies in the concept of a certificate hierarchy. In a hierarchy, as shown in Figure 1, each issuer, or certificate authority (CA), signs (using its own private key) the certificates it issues. The public half of the CA's keypair is itself packaged in a certificate, one that was issued by a higher-level CA. This pattern can continue through as many levels as desired, with each CA certifying the authenticity of the certificates it has issued. Eventually, though, there must be a top-level CA, called a root certificate authority. Since there's nobody above the root CA in the hierarchy, there's nobody to vouch for the authenticity and origin of its certificate. Instead, the root CA signs its own certificate; it simply asserts that it is the root.

Figure 1: What a certificate hierarchy looks like

Clearly, it's not secure to accept a root CA's assertion of its own identity. To verify a root CA's certificate, a trusted copy of its public key is obtained via an out-of-band method (that is, it's delivered by a third party instead of over the network), and the key is used to verify that the root certificate is bona fide.
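As an added illustration (not code from the original paper or from Windows 2000), the following Python sketch walks a certificate chain from the leaf up to a root whose public key was obtained out of band, and shows why a root's self-signature alone is not enough. The toy RSA keys built from small Mersenne primes, the dict-based certificate layout and every name in it are assumptions made for the example; real certificates use X.509 and full-size keys.

```python
import hashlib

E = 65537  # common RSA public exponent

def make_key(p, q):
    """Toy RSA key from two known primes (constructed; far too small for real use)."""
    n = p * q
    return {"n": n, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

def tbs(cert):
    """Bytes the issuer signs: subject, issuer and the subject's public key."""
    n, e = cert["pub"]
    return f"{cert['subject']}|{cert['issuer']}|{n}|{e}".encode()

def digest(data, n):
    """SHA-256 fingerprint reduced mod n (textbook RSA, no padding)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue(subject, subject_key, issuer, issuer_key):
    """The issuer binds a name to a public key by signing with its private key."""
    cert = {"subject": subject, "issuer": issuer,
            "pub": (subject_key["n"], subject_key["e"])}
    cert["sig"] = pow(digest(tbs(cert), issuer_key["n"]),
                      issuer_key["d"], issuer_key["n"])
    return cert

def signed_by(cert, issuer_pub):
    """Recompute the fingerprint and compare it with the one in the signature."""
    n, e = issuer_pub
    return pow(cert["sig"], e, n) == digest(tbs(cert), n)

def verify_chain(chain, trusted_roots):
    """chain: leaf first, root last. trusted_roots: name -> key obtained out of band."""
    for cert, parent in zip(chain, chain[1:]):
        if cert["issuer"] != parent["subject"] or not signed_by(cert, parent["pub"]):
            return False
    root = chain[-1]
    anchor = trusted_roots.get(root["subject"])
    # A self-signature proves nothing by itself; the key must match the trusted copy.
    return (root["issuer"] == root["subject"] and anchor == root["pub"]
            and signed_by(root, anchor))

def demo():
    # All keys and names below are constructed sample values (Mersenne primes).
    root_k = make_key(2**89 - 1, 2**127 - 1)
    dept_k = make_key(2**61 - 1, 2**107 - 1)
    alice_k = make_key(2**19 - 1, 2**31 - 1)
    joe_k = make_key(2**13 - 1, 2**17 - 1)
    root = issue("Root CA", root_k, "Root CA", root_k)
    dept = issue("Dept CA", dept_k, "Root CA", root_k)
    alice = issue("alice", alice_k, "Dept CA", dept_k)
    trusted = {"Root CA": root["pub"]}        # delivered out of band
    forged = dict(alice, subject="mallory")   # attribute changed after signing
    joe = "Joe's Really Good DMV"
    joe_root = issue(joe, joe_k, joe, joe_k)
    joe_leaf = issue("alice", alice_k, joe, joe_k)
    fake_root = issue("Root CA", joe_k, "Root CA", joe_k)  # right name, wrong key
    fake_leaf = issue("alice", alice_k, "Root CA", joe_k)
    return {"valid": verify_chain([alice, dept, root], trusted),
            "tampered": verify_chain([forged, dept, root], trusted),
            "unknown_root": verify_chain([joe_leaf, joe_root], trusted),
            "fake_root": verify_chain([fake_leaf, fake_root], trusted)}

if __name__ == "__main__":
    print(demo())
```

Only the chain that ends in the out-of-band root key verifies; the tampered certificate, the unknown self-signed root and the root that reuses a trusted name with a different key are all rejected.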
Microsoft provides the public keys for many common root CAs in PK-enabled products like Internet Explorer, allowing users to verify those roots transparently. Root CAs can also provide copies of their public keys for downloading from public web sites. Once the root key has been delivered via an out-of-band means, the user can verify the root certificate, and hence the entire certificate chain. Even better, because each certificate's digital signature protects it from tampering, certificate chains can be freely passed over insecure media like the Internet.

G. Public key enabled applications

Once your PKI can issue, publish, and control certificates, the next step is to deploy applications that can use them. A well-written application that is tightly integrated with the rest of the PKI can make the use of public-key cryptography all but transparent to the user. The user should not need to know how cryptography works, where certificates are stored, or any of the other details; they should simply indicate what they want done, and leave it to the applications and the PKI to make it happen.

Applications can use digital certificates to deliver the benefits of public-key cryptography, and they can combine cryptographic functions like signing and encryption to make possible e-commerce, secure network access, or other desirable services. All Microsoft applications that use public-key cryptography are natively public-key enabled. For example, the Microsoft Outlook messaging and collaboration client offers built-in signing and encryption support, combined with the ability to use certificate publishers and root certificates from a number of sources. Internet Explorer, Microsoft Money, and Internet Information Server provide the ability to set up encrypted web sessions. PKI-enabled applications can build on industry-standard protocols to speed development and allow easy interoperability with other organizations, too.

H. Hardware support

The increasing market demand for PKI implementations has spurred hardware vendors to develop cryptographic hardware, including smart cards, PC cards, and PCI cards that offer onboard cryptographic processing. These hardware devices offer a wide range of capabilities. On the low end, smartcards offer limited cryptographic processing combined with secure key storage; on the high end, multiprocessor crypto-accelerators allow high-volume web services to secure data without suffering from bottlenecks caused by software cryptographic modules. The best thing about PKI hardware devices is that they're optional: if your application requires additional performance or security, you can add hardware to provide it as necessary, but you can still build a completely usable PKI in software.

I. Models

The standalone CA model

The standalone CA model (see Figure 2) is probably familiar to you if you've used SSL-protected web sites. In the standalone model, some third-party entity holds the root key and certificate for your organization, and it issues and revokes all certificates for your users. This third party might be a commercial CA like VeriSign, Thawte, Belsign, or GTE Cybertrust; it could also be a bank, a law firm, a trade association, or any other organization that you trust to issue certificates on your behalf.

Figure 2: The standalone CA model

This model allows trust both within and outside your organization, so you can exchange secure e-mail and e-commerce transactions with outsiders. Standalone CAs also free you from the complexities of issuing, revoking, and tracking certificates. However, it requires you to trust some outside entity with your certificate management, and many third-party CAs impose an individual charge for each issued certificate.

The enterprise CA model

In this model (see Figure 3), your enterprise acts as its own CA, issuing and revoking certificates subject to your business requirements.
Because no outsourcing provider is involved, your organization maintains complete control over its PKI. In addition to that control, though, you can guarantee that no one outside the enterprise can obtain a certificate unless you issue it to them. This model works well for controlling access to internal resources, or for generating certificates whose attributes would be meaningless to an outside entity. For example, you could issue certificates to managers that would allow them to make electronic travel reservations through the company travel office.

Figure 3: The enterprise CA model

Enterprise CAs with subordinates

You can expand the flexibility of the enterprise CA model by adding subordinate CAs for individual departments, business units, or subdivisions of the organization. Most organizations already delegate some amount of administrative control to their subunits. For example, individual managers at most companies have some level of purchasing authority; higher-ranking managers can write bigger checks. Even though there's a centralized purchasing department that does much of the enterprise-wide buying, individual units still have the ability to perform day-to-day purchasing tasks.

Choose your trust model

If the choice of a CA model is the most important one you face when implementing a PKI, choosing a trust model comes in a very close second. When you trust a root, you're making an implicit statement that you trust them to be careful about who they issue certificates to. In this case, careful isn't quite the right word; what you're really saying is that you trust them to follow their prescribed policies and procedures to verify the identity of a certificate holder when they issue the certificate. When you choose to trust a root certificate, you're also choosing to trust certificates signed by that root.
Depending on the CA model you use, the practical impact of this choice could be large (as when you choose to trust a large, widely used commercial root CA) or small (like deciding to trust your own accounting department). Normally these decisions are made for the enterprise as a whole; however, the Windows 2000 PKI allows individual users (or their administrators) to make their own trust decisions. In addition, administrators may override or augment user trust decisions with group policies.

You also have to choose what you trust certificates to be used for. The X.509 v3 certificate standard allows you to specify whether certificates can be used for signing, encryption, or both. For example, you might want to give everyone signature certificates but restrict the use of encryption-capable certificates to certain departments or individuals. Microsoft has extended this feature to allow you to specify additional uses, including signing software components, logging on using a smart card, or recovering an encrypted file. When using the Windows 2000 PKI, the issuer has complete control over what the certificate can be used for.

IV. Conclusion

Public key cryptography offers critical business advantages, including the ability to conduct e-commerce and normal business operations with increased privacy, security, and assurance. To deliver these benefits, a public-key infrastructure is necessary that makes it easy to manage, publish and use public keys. Windows 2000 offers a PKI that is completely integrated with the operating system and provides flexible, secure, interoperable services that are easy to use, easy to deploy, and easy to manage.

References

N. Ferguson, B. Schneier (2003). Practical Cryptography. Wiley. ISBN 0-471-22357-3.

J. Katz, Y. Lindell (2007). Introduction to Modern Cryptography. CRC Press. ISBN 1-58488-551-3.

J. Menezes, P. C. van Oorschot, S. A. Vanstone (1997). Handbook of Applied Cryptography. ISBN 0-8493-8523-7.

IEEE 1363: Standard Specifications for Public-Key Cryptography.

Single Sign-On Technology for SAP Enterprises: What does SAP have to say?

[1] Ed Gerck, Overview of Certification Systems: X.509, CA, PGP and SKIP, in The Black Hat Briefings '99, http://www.securitytechnet.com/resource/rsc-center/presentation/black/vegas99/certover.pdf and http://mcwg.org/mcg-mirror/cert.htm

Stephen Wilson, Dec 2005, The importance of PKI now, China Communications, Retrieved on 2010-12-13.

Mark Gasson, Martin Meints, Kevin Warwick (2005), D3.2: A study on PKI and biometrics, FIDIS deliverable (3)2, July 2005.
